Senior Application Security Engineer (TypeScript/AWS)

Тип работы

fulltime

Грейд

senior

Английский

Страна

Portugal

Вакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:

TL;DR

Senior Application Security Engineer (TypeScript/AWS): Owning the security posture of software and development practices with an accent on the intersection of software engineering and application security. Focus on integrating security checks into CI/CD pipelines, managing vulnerability remediation, and ensuring ISO 27001 compliance.

Location: Portugal

Company

hirify.global is an international edtech startup empowering millions of learners and organizations with essential data and AI skills.

What you will do

Own end-to-end vulnerability management, including triage, prioritization, and driving remediation across the organization.
Act as the primary engineering responder for security incidents, bug bounty programs, and penetration testing.
Maintain and integrate security tooling (JFrog X-Ray, SonarCloud, OWASP ZAP) into CI/CD pipelines.
Embed security guardrails into development workflows, specifically for AI-assisted and Agentic development practices.
Drive the adoption of secure coding standards and OWASP best practices (Web and API).
Support the ISO 27001 compliance program and lead annual security awareness training for developers.

Requirements

6+ years of experience in software engineering or application security with a strong coding background.
Proficiency in TypeScript/Node.js, with good knowledge of Ruby on Rails, React, Kubernetes, and AWS.
Deep understanding of OWASP Top 10, secure SDLC, and threat modeling.
Hands-on experience with SAST, DAST, and SCA tooling.
Experience working within ISO 27001 or similar compliance frameworks.
Must be based in Portugal

Nice to have

Experience with compliance monitoring tools such as Vanta.
Practical experience using AI-assisted development tools like Claude Code or Cursor in daily workflows.

Culture & Benefits

Yearly learning budget for professional growth, conferences, and training.
Flexible working hours to support work-life balance.
Annual budget for refreshing home office IT equipment.
Participation in international company retreats.
Competitive compensation package.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →